即時通訊工作在一個存儲用戶信息的Web應用程序,我想從數據庫獲取userdetails到文本框中,我可以進行更改數據並使用按鈕將數據從相同的文本框存儲到數據庫的同一個表中。它就像更新/編輯用戶配置文件 到目前爲止,我能夠將數據獲取到文本框中,但我無法更新數據。頁面提交的數據,但有數據的基礎沒有改變如何從數據庫檢索數據到文本框,並將編輯的數據從同一個文本框保存到數據庫
我使用的HTML &代碼:
<div id="pagebody" style="width: 80%; height: 120%; margin: auto;">
<div id="personalinfodiv" class="try" align="center" style="background-color: white; width: 80%; border: 1px solid gray; margin: auto">
<h3 align="center" >Personal information</h3>
<table>
<tr><td><asp:Label ID="fname" runat="server" Text="First Name :" Font-Bold="true" ForeColor="GrayText"></asp:Label></td> <td><asp:TextBox cssClass="textbox1" ID="firstnametext" runat="server"></asp:TextBox></td></tr>
<tr><td><asp:Label ID="lname" runat="server" Text="Last Name :" Font-Bold="true" ForeColor="GrayText"></asp:Label></td> <td><asp:TextBox cssClass="textbox1" ID="lastnametext" runat="server"></asp:TextBox></td></tr>
<tr><td><asp:Label ID="gender" runat="server" Text="Gender :" Font-Bold="true" ForeColor="GrayText"></asp:Label></td> <td><asp:DropDownList cssClass="textbox1" ID="gendertext" runat="server" DataSourceID="SqlDataSource1" DataTextField="Gender" DataValueField="Gender"><asp:ListItem Text="Male" Value="1"></asp:ListItem><asp:ListItem Text="Female" Value="2"></asp:ListItem></asp:DropDownList>
<asp:SqlDataSource ID="SqlDataSource1" runat="server" ConnectionString="<%$ ConnectionStrings:Koshur %>" SelectCommand="SELECT [Gender] FROM [userdetails] WHERE ([Username] = @Username)">
<SelectParameters>
<asp:QueryStringParameter Name="Username" QueryStringField="user" Type="String" />
</SelectParameters>
</asp:SqlDataSource>
</td></tr>
<tr><td><asp:Label ID="dob" runat="server" Text="Date of Birth :" Font-Bold="true" ForeColor="GrayText"></asp:Label></td> <td><asp:TextBox cssClass="textbox1" ID="dobtext" runat="server"></asp:TextBox>
</td></tr>
<tr><td><asp:Label ID="Contactno" runat="server" Text="Contact No :" Font-Bold="true" ForeColor="GrayText"></asp:Label></td> <td><asp:TextBox cssClass="textbox1" ID="contacttext" runat="server"></asp:TextBox>
</td></tr>
</table>
C#進行數據檢索:
string CSs = ConfigurationManager.ConnectionStrings["Koshur"].ConnectionString;
using (SqlConnection conn = new SqlConnection(CSs))
{
string query = "select * from userdetails where Username='" + HttpContext.Current.User.Identity.Name.ToString() + "';";
SqlCommand cmd = new SqlCommand(query, conn);
SqlDataAdapter da = new SqlDataAdapter(cmd);
DataSet ds = new DataSet();
da.Fill(ds, "userdetails");
firstnametext.Text=ds.Tables["userdetails"].Rows[0]["Firstname"].ToString();
lastnametext.Text = ds.Tables["userdetails"].Rows[0]["Lastname"].ToString();
dobtext.Text = ds.Tables["userdetails"].Rows[0]["Dateofbirth"].ToString();
contacttext.Text = ds.Tables["userdetails"].Rows[0]["ContactNO"].ToString();
}
C#更新數據轉化爲表格並使用此存儲過程 即可
protected void savecontinue_Click(object sender, EventArgs e)
{
// Response.Redirect("test.aspx?q=" + firstnametext.Text +"&" + lastnametext.Text);
string ct = ConfigurationManager.ConnectionStrings["Koshur"].ConnectionString;
using (SqlConnection con = new SqlConnection(ct))
{
SqlCommand cmnd = new SqlCommand("spupdateuserprofiledetails", con);
cmnd.CommandType = CommandType.StoredProcedure;
SqlParameter first = new SqlParameter("@Firstname", firstnametext.Text);
SqlParameter last =new SqlParameter("@Lastname", lastnametext.Text);
SqlParameter dobb=new SqlParameter("@Dateofbirth", dobtext.Text);
SqlParameter connt=new SqlParameter("@ContactNo", contacttext.Text);
SqlParameter userna = new SqlParameter("@Username", HttpContext.Current.User.Identity.Name.ToString());
cmnd.Parameters.Add(first);
cmnd.Parameters.Add(last);
cmnd.Parameters.Add(dobb);
cmnd.Parameters.Add(connt);
cmnd.Parameters.Add(userna);
con.Open();
cmnd.ExecuteNonQuery();
}
}
}
這是我的存儲過程
create proc spupdateuserprofiledetails
@Firstname varchar(100),
@Lastname Varchar(100),
@Dateofbirth varchar(100),
@ContactNo varchar(100),
@Username varchar(100)
as
begin
update Userdetails
set [email protected],[email protected],[email protected],[email protected]
where [email protected]
end
請問您還可以發佈您的spupdateuserprofiledetails? – fnupp 2014-11-04 13:17:32
SELECT查詢中可能的SQL注入附加 – Ruskin 2014-11-04 13:27:14
在SQL Server中,請勿對存儲的procs使用前綴「sp」:數據庫引擎首先在系統數據庫中查找那些首次將毫秒添加到處理時間的數據庫 – Ruskin 2014-11-04 13:28:00